REMARKS/ARGUMENTS

I. Introduction:

Claims 1, 10, 14, 18, and 25 are amended herein. Claims 1-28 are currently 
pending. 

II. Claim Rejections Under 35 U.S.C. 112:

Claim 10 has been amended to clarify that the information sent to the virtual 
private network's AAA server is different than accounting information sent to the 
service provider's AAA server. As amended, claim 10 is believed to comply with the 
requirements under 35 U.S.C. 112. 

III. Claim Rejections Under 35 U.S.C. 103:

Claims 1-10, 12-17, and 25-28 stand rejected under 35 U.S.C. 103(a) as being 
unpatentable over U.S. Patent Publication No. US 2002/0010865 (Fulton et al.) in view 
of Applicant Admitted Prior Art (Background of the Invention). 

Fulton et al. disclose a method and apparatus for remote office access 
management. A remote user 100 dials a number associated with a remote office access 
server to establish a connection between the user and the remote office access server 
(Fig. 1). User identification information is passed from the remote office access server 
to a security server 130, which authenticates the user information. If access is granted, 
the security server returns the authentication decision to the remote access server and 
data is permitted to pass between the user and the customer network (LAN) 150. Fig. 2 
illustrates details of the remote office access manager network 110 of Fig. 1. The
remote office access manager network includes a remote office access manager security 
server 178 which is used for AAA (see, paragraphs 0027 and 0031-0032).

Applicants respectfully submit that claims 1-10 and 12-17 are patentable over
Fulton et al. Claim 1 generally requires: receiving a request from a remote user for 
connection with a virtual private network at a virtual home gateway; associating the 
remote user with the virtual private network; sending a request to authenticate the 
remote user from the virtual home gateway to the AAA server; and connecting the 
remote user to the virtual private network if the AAA server authenticates the user. 
Claim 1 has been amended to clarify that the AAA server is located within the virtual 
private network. 

Fulton et al. do not disclose providing authentication in a virtual private network 
(or local area network) by sending a request to authenticate a remote user to an AAA
server located within the virtual private network (or local area network). In contrast to 
applicants' invention, Fulton et al. disclose AAA traffic flow to a server located within a 
remote office access manager network, which is in communication with a local area 
network (LAN). AAA is performed at a remote office access network in direct 
communication with the remote user. Furthermore, since the authentication is 
performed at the remote office manager network and not the LAN to which the remote 
user wants to establish a connection with, there is no need to associate the remote user 
with the LAN to perform authentication. 

Applicants' invention is particularly advantageous in that it eliminates the need 
for an AAA proxy and all the associated security hazards by allowing an AAA server 
located within a virtual private network to communicate directly with a service 
provider. 

Accordingly, claim 1 is submitted as patentable over Fulton et al. 

Claims 2-13, depending either directly or indirectly from claim 1, are submitted 
as patentable for at least the same reasons as claim 1. 

Claims 2 and 3 are further submitted as patentable over Fulton et al., which do 
not show or suggest receiving a virtual private network ID and address of an AAA 
server of the virtual private network. As discussed above, the remote user is not 
associated with a virtual private network and the AAA server is not located within a
virtual private network. 

Furthermore, claim 3 requires the virtual private network ID to bind a profile of 
the virtual private network to a routing table of the virtual home gateway. In rejecting 
claim 3, the Examiner refers to paragraphs 0025 and 0070 of Fulton et al. Paragraph 25 
describes how a network routing element, separate from the remote office access 
network and customer network (see Fig. 1), is used for routing to an appropriate 
customer network. Thus, there is no need to bind a profile of the customer network to a 
routing table of the remote office access network. 

Similarly, Fulton et al. do not route an authentication request using a customer 
routing table in the customer network, since the routing is performed based on routing 
information not obtained from the customer network. Thus, claim 6 is submitted as 
patentable over Fulton et al. and the AAPA. 

Claims 8, 9, and 10 are further submitted as patentable over Fulton et al. which 
do not disclose sending an accounting request to the customer network. Also, Fulton et 
al. do not send different accounting information to a virtual private network's AAA 
server and service provider's AAA server, as set forth in claim 10. 

Claim 14 is directed to a computer program product for providing authentication 
in a virtual private network having an AAA server and is submitted as patentable for at 
least the reasons discussed above with respect to claim 1. 

Claims 15-17, depending directly from claim 14, are submitted as patentable for 
the same reasons as claim 14. Claim 17 is further submitted as patentable for the 
reasons discussed above with regard to claim 3.

Claims 11 and 18-24 stand rejected under 35 U.S.C. 103(a) as being
unpatentable over Fulton et al. in view of U.S. Patent Publication No. 2002/0075844 
(Hagen). 

As noted by the Examiner, Fulton et al. do not teach identifying a virtual private 
network based on a domain name. 

Hagen discloses a system and method for integrating public and private network 
resources for optimized broadband wireless access. A network access server is 
associated with each wireless, radio frequency communication device and provides an 
interface between the wireless, mobile terminals and the private network. Hagen does 
not remedy the deficiencies discussed above with respect to the primary reference. 
Furthermore, Hagen does not show or suggest associating a remote user with a virtual 
private network by identifying the virtual private network based on a domain name, as 
set forth in claim 11. In contrast to using a domain name to identify a virtual private
network, Hagen discloses using the same wireless domain name for all WAP-containing 
networks (paragraph 0049). Thus, Hagen teaches away from associating a remote user 
with a specific virtual private network by using a domain name to identify the desired 
virtual private network. 

With regard to claim 18, the Examiner notes that Fulton et al. do not teach a 
processor operable to look up the address of the virtual private network AAA server 
based on information received from the remote user. In rejecting claim 18, the 
Examiner refers to paragraphs 0061 and 0175 of Hagen. Paragraph 0061 describes a
NAS integrated in a wireless phone. Paragraph 0175 describes a registration process 
which involves verifying information provided on a registration form by a subscriber. 
A NAS is used to verify fields entered by a user on a registration form. After 
completing the registration process data is transmitted to the NAS. There is no teaching 
of a processor operable to look up the address of a virtual private network AAA server 
based on information received from a remote user.

Accordingly, claim 18 is submitted as nonobvious over Fulton et al. and Hagen.
Claims 19-24, depending either directly or indirectly from claim 18, are submitted as 
patentable for at least the same reasons as claim 18. 

Claim 25 is a system claim corresponding to the method of claim 1 and is 
submitted, along with dependent claims 26-28, as patentable for the reasons discussed 
above with respect to claim 1. 

IV. Conclusion 

For the foregoing reasons, Applicants believe that all of the pending claims are 
in condition for allowance and should be passed to issue. If the Examiner feels that a 
telephone conference would in any way expedite the prosecution of the application, 
please do not hesitate to call the undersigned at (408) 399-5608. 



Respectfully submitted,

Cindy S. Kaplan
Reg. No. 40,043

P.O. Box 2448
Saratoga, CA 95070
Tel: 408-399-5608 
Fax: 408-399-5609 